Protection Against Cyber Threats
Essential Eight Maturity Model
The Essential Eight are designed to protect Microsoft Windows-based internet-connected networks. While the Essential Eight may be applied to cloud services and enterprise mobility, or other operating systems, it was not primarily designed for such purposes and alternative mitigation strategies may be more appropriate to mitigate unique cyber threats to these environments. In such cases, organisations should consider alternative guidance provided by the ACSC.
Talks to one of our consultants who can help you on your cyber security Journey.
Application control is implemented on workstations and servers to restrict the execution of executables, software libraries, scripts, installers, compiled HTML, HTML applications, control panel applets and drivers to an organisation-approved set.
Patches, updates or vendor mitigations for security vulnerabilities in internet-facing services are applied within two weeks of release, or within 48 hours if an exploit exists. Patches, updates or vendor mitigations for security vulnerabilities in office productivity suites, web browsers and their extensions, email clients, PDF software, and security products are applied within two weeks of release, or within 48 hours if an exploit exists
Microsoft Office macros are disabled for users that do not have a demonstrated business requirement. Only Microsoft Office macros running from within a sandboxed environment, a Trusted Location or that are digitally signed by a trusted publisher are allowed to execute. Only privileged users responsible for validating that Microsoft Office macros are free of malicious code can write to and modify content within Trusted Locations
Configure Office Macros
User Application Hardening
Web browsers do not process Java from the internet. Web browsers do not process web advertisements from the internet. Internet Explorer 11 is disabled or removed. Microsoft Office is blocked from creating child processes. Microsoft Office is blocked from creating executable content. Microsoft Office is blocked from injecting code into other processes.
Requests for privileged access to systems and applications are validated when first requested. Privileged access to systems and applications is automatically disabled after 12 months unless revalidated. Privileged access to systems and applications is automatically disabled after 45 days of inactivity.
Restrict Admin Privileges
Patch Operating Systems
Patches, updates or vendor mitigations for security vulnerabilities in operating systems of internet-facing services are applied within two weeks of release, or within 48 hours if an exploit exists. Patches, updates or vendor mitigations for security vulnerabilities in operating systems of workstations, servers and network devices are applied within two weeks of release, or within 48 hours if an exploit exists.
Multi-factor authentication is used by an organisation's users if they authenticate to their organisation’s internet-facing services. Multi-factor authentication is used by an organisation’s users if they authenticate to third-party internet-facing services that process, store or communicate their organisation's sensitive data. Multi-factor authentication (where available) is used by an organisation’s users if they authenticate to third-party internet-facing services that process, store or communicate their organisation's non-sensitive data.
Backups of important data, software and configuration settings are performed and retained in a coordinated and resilient manner in accordance with business continuity requirements. Restoration of systems, software and important data from backups is tested in a coordinated manner as part of disaster recovery exercises. Unprivileged accounts, and privileged accounts (excluding backup administrators), cannot access backups.
Endpoint Cyber Security FAQs
What is endpoint cyber security?
Endpoint cyber security is the process of protecting endpoints from external cyber attacks such as phishing, ransomware and data hacks. These endpoints are physical devices that connect to a computer network and share information with each other. For example: mobile devices, desktop computers, embedded devices, and servers that connect to your business’s IT network. As they are vital for the exchange and processing of valuable data, these endpoints need to be protected.
Endpoint security is just one part of the ACSC strategies to mitigate cyber security incidents and protect your business from external threats.
What are Strategies to Mitigate Cyber Security Incidents by Australian Cyber Security Centre (ACSC)?
The purpose of the ACSC is to provide up-to-date and nationwide cybersecurity principles that will affect every Australian business with an IT network.
These cyber security principles work in tandem with our values at Setup4 and are grouped into four key activities that follow:
Identifying and managing security risks.
Implementing controls to reduce security risks.
Detecting and monitoring cyber security risks that could be potentially harmful.
Responding to and recovering from cyber security incidents.
What is the Essential Eight Maturity Model?
The essential eight maturity model is designed to protect Microsoft Windows-based IT networks. This model can be applied to cloud services, enterprise and Ecommerce-based operating systems. But it will not be as efficient as Windows-based software such as Microsoft 365, Microsoft Teams, OneDrive and others.
We go through the following steps to complete the model:
- Application Control
- Patch Application
- Configure Microsoft Office Macros
- User Application Hardening
- Restrict Admin Privileges
- Patch Operating Systems
- Multi-Factor Authentication
- Daily Backups
Why should I sign up for endpoint cyber security?
In recent years, there has been a systematic increase in the number of nationwide cyber attacks in Australia and a greater need for a robust, dynamic and active cyber security setup.
As a business that deals with data, whether that is as a SaaS or by hosting clients’ private information, it is a legal requirement to ensure that the best data security practices are being used as issued by the ACSC. Our team of IT security professionals ensure that your client’s and customer data is protected.
What is the difference between endpoint cyber security vs network cyber security?
Endpoint security is specific to safeguarding the devices that manage and exchange key data across your business’s IT network. These devices include laptops, phones, tablets and services and can be used as access points by cyber-attacks if they are not kept adequately secure.
Network security relates to the protection of the internal network infrastructure itself. Any data that is sent across the network needs to be able to defend against threats that aim at cloud data, firewalls and networked devices.
Both types of security are vital for the IT management and running processes of a business.
Have a Project in mind?
Let's have a chat with our Experts.
Need to talk to an IT Expert? Fill out the form and one of our experts will get in touch with you very shortly.
If you prefer to give us a call, we are ready to talk to you.